From 06420e84ec44a6dea78f2754a69e5607bbe8735c Mon Sep 17 00:00:00 2001 From: Gergely Brautigam Date: Fri, 22 Nov 2019 06:58:03 +0100 Subject: [PATCH 1/2] Require to pass in interface instead of the concrete type which ties this library to STS directly. --- pkg/token/token.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkg/token/token.go b/pkg/token/token.go index ec923a071..dba5e8bda 100644 --- a/pkg/token/token.go +++ b/pkg/token/token.go @@ -35,6 +35,7 @@ import ( "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/sts" + "github.com/aws/aws-sdk-go/service/sts/stsiface" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" clientauthv1alpha1 "k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1" "sigs.k8s.io/aws-iam-authenticator/pkg/arn" @@ -162,7 +163,7 @@ type Generator interface { // Get a token using the provided options GetWithOptions(options *GetTokenOptions) (Token, error) // GetWithSTS returns a token valid for clusterID using the given STS client. - GetWithSTS(clusterID string, stsAPI *sts.STS) (Token, error) + GetWithSTS(clusterID string, stsAPI stsiface.STSAPI) (Token, error) // FormatJSON returns the client auth formatted json for the ExecCredential auth FormatJSON(Token) string } @@ -205,6 +206,7 @@ func (g generator) GetWithRoleForSession(clusterID string, roleARN string, sess }) } +// StdinStderrTokenProvider gets MFA token from standard input. func StdinStderrTokenProvider() (string, error) { var v string fmt.Fprint(os.Stderr, "Assume Role MFA token code: ") @@ -296,7 +298,7 @@ func (g generator) GetWithOptions(options *GetTokenOptions) (Token, error) { } // GetWithSTS returns a token valid for clusterID using the given STS client. -func (g generator) GetWithSTS(clusterID string, stsAPI *sts.STS) (Token, error) { +func (g generator) GetWithSTS(clusterID string, stsAPI stsiface.STSAPI) (Token, error) { // generate an sts:GetCallerIdentity request and add our custom cluster ID header request, _ := stsAPI.GetCallerIdentityRequest(&sts.GetCallerIdentityInput{}) request.HTTPRequest.Header.Add(clusterIDHeader, clusterID) From 23a6ef5eaa96e5e3eba0e9970809225895c9bd6a Mon Sep 17 00:00:00 2001 From: Gergely Brautigam Date: Fri, 22 Nov 2019 07:13:56 +0100 Subject: [PATCH 2/2] Added vendor into modules. --- vendor/modules.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vendor/modules.txt b/vendor/modules.txt index 0762a7350..8fadcb945 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -9,13 +9,13 @@ github.com/aws/aws-sdk-go/aws/session github.com/aws/aws-sdk-go/service/ec2 github.com/aws/aws-sdk-go/service/ec2/ec2iface github.com/aws/aws-sdk-go/service/sts +github.com/aws/aws-sdk-go/service/sts/stsiface github.com/aws/aws-sdk-go/aws/awserr github.com/aws/aws-sdk-go/internal/sdkio github.com/aws/aws-sdk-go/internal/ini github.com/aws/aws-sdk-go/internal/shareddefaults github.com/aws/aws-sdk-go/aws/client github.com/aws/aws-sdk-go/internal/sdkrand -github.com/aws/aws-sdk-go/service/sts/stsiface github.com/aws/aws-sdk-go/aws/client/metadata github.com/aws/aws-sdk-go/aws/corehandlers github.com/aws/aws-sdk-go/aws/request